Sep 14, 2023
When LockBit Ransomware Fails, Attackers Deploy Brand-New ‘3AM’
Posted by Shubham Ghosh Roy in category: cybercrime/malcode
In a recent attack against a construction company, hackers who failed to execute LockBit in a target network were observed deploying a second, never-before-seen ransomware, which managed to break through.
The new tool is rather standard fare, blocking various cybersecurity and backup-related software before locking up files on its host computer. But it distinguishes itself with an adorable little theme: 3 a.m., a time when perhaps only insomniacs, hardcore night owls, and black hat hackers are still up and working away.
In a report this week, researchers from Symantec described the first observed use of 3AM — a double-whammy attack in which the LockBit ransomware was blocked but then 3AM squeaked through in one compromised machine.